Ounce in the News

Web 2.0: A New Port of Entry for Hackers?

07/23/2007, Wall Street & Technology

Summary
Web 2.0 applications like blogs, wikis and podcasts foster increased collaboration and communication, also exposing corporate networks’ web application vulnerabilities to new attacks. Web 2.0 applications enable anyone to have access to your source code and will compromise your security without you knowing it is happening, according to Ryan Berg, co-founder and chief scientist for Ounce Labs, a provider of source code vulnerability analysis solutions. Just visiting a Web site is sufficient for malicious code to start running on your machine in the background and taking advantage of your security vulnerabilities. JavaScipt enables any site to potentially run code in the context of your browser. Internet Explorer is another potential minefield for exposing your system to Active X control threats.

Read full article at source code analysis.

Find out more about web application security.